Add pledge(2) support for OpenBSD

pledges for i3:
"stdio rpath unix" for talking to the i3 socket usually in /tmp
"proc exec" for executing programs
"wpath cpath" are needed for the restart-in-place functionality

To make this work, @semarie pointed out that it is sufficient to ensure
that we get physical_mem_bytes only once, namely in init_logging().

pledges for i3-msg:
"stdio rpath unix" are needed for talking to the i3-socket

pledges for i3-nagbar
"rpath getpw" to find the home directory
"wpath cpath" to write the script
"proc exec" to execute the script

i3-msg/main.c

@@ -119,6 +119,10 @@ static yajl_callbacks reply_callbacks = {
 };
 
 int main(int argc, char *argv[]) {
+#if defined(__OpenBSD__)
+    if (pledge("stdio rpath unix", NULL) == -1)
+        err(EXIT_FAILURE, "pledge");
+#endif
     char *env_socket_path = getenv("I3SOCK");
     if (env_socket_path)
         socket_path = sstrdup(env_socket_path);

i3-nagbar/main.c

@@ -470,6 +470,11 @@ int main(int argc, char *argv[]) {
     font = load_font(pattern, true);
     set_font(&font);
 
+#if defined(__OpenBSD__)
+    if (pledge("stdio rpath wpath cpath getpw proc exec", NULL) == -1)
+        err(EXIT_FAILURE, "pledge");
+#endif
+
     xcb_rectangle_t win_pos = get_window_position();
 
     xcb_cursor_t cursor;

src/log.c

@@ -58,6 +58,8 @@ static char *loglastwrap;
 static int logbuffer_size;
 /* File descriptor for shm_open. */
 static int logbuffer_shm;
+/* Size (in bytes) of physical memory */
+static long long physical_mem_bytes;
 
 /*
  * Writes the offsets for the next write and for the last wrap to the
@@ -89,6 +91,16 @@ void init_logging(void) {
             }
         }
     }
+    if (physical_mem_bytes == 0) {
+#if defined(__APPLE__)
+        int mib[2] = {CTL_HW, HW_MEMSIZE};
+        size_t length = sizeof(long long);
+        sysctl(mib, 2, &physical_mem_bytes, &length, NULL, 0);
+#else
+        physical_mem_bytes = (long long)sysconf(_SC_PHYS_PAGES) *
+                             sysconf(_SC_PAGESIZE);
+#endif
+    }
     /* Start SHM logging if shmlog_size is > 0. shmlog_size is SHMLOG_SIZE by
      * default on development versions, and 0 on release versions. If it is
      * not > 0, the user has turned it off, so let's close the logbuffer. */
@@ -108,15 +120,6 @@ void open_logbuffer(void) {
          * For 512 MiB of RAM this will lead to a 5 MiB log buffer.
          * At the moment (2011-12-10), no testcase leads to an i3 log
          * of more than ~ 600 KiB. */
-    long long physical_mem_bytes;
-#if defined(__APPLE__)
-    int mib[2] = {CTL_HW, HW_MEMSIZE};
-    size_t length = sizeof(long long);
-    sysctl(mib, 2, &physical_mem_bytes, &length, NULL, 0);
-#else
-    physical_mem_bytes = (long long)sysconf(_SC_PHYS_PAGES) *
-                         sysconf(_SC_PAGESIZE);
-#endif
     logbuffer_size = min(physical_mem_bytes * 0.01, shmlog_size);
 #if defined(__FreeBSD__)
     sasprintf(&shmlogname, "/tmp/i3-log-%d", getpid());

src/main.c

@@ -802,6 +802,11 @@ int main(int argc, char *argv[]) {
         xcb_free_pixmap(conn, pixmap);
     }
 
+#if defined(__OpenBSD__)
+    if (pledge("stdio rpath wpath cpath proc exec unix", NULL) == -1)
+        err(EXIT_FAILURE, "pledge");
+#endif
+
     struct sigaction action;
 
     action.sa_sigaction = handle_signal;